Software assurance tools are often used to identify possible vulnerabilities or potentially malicious code in software systems, including Commercial Off-The-Shelf (COTS) software systems. Security may be put at risk by such vulnerabilities or malicious code in these systems. It is often helpful to identify any risks early in the software development lifecycle, long before final integration, deployment, and long-term support take place. Existing automated tools are capable of examining source or binary code statically, before execution, and/or dynamically, such as by observing internal or external behavior of the executed code or by inserting probes.
Existing software assurance tools have a number of advantages, such as speed and volume of coverage. However, these advantages come at the cost of limited breadth of scope and over specialization. Many of these existing tools require source code access, which may not, in many cases, be available or readily accessible. Additionally, existing tools may identify lists of potential vulnerabilities that are largely incomplete (i.e., many false negatives), or which contain false positives that require large amounts of human analysis to triage.